<?php session_start();
if (empty($_POST)) { 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Buy917後台登入系統</title>
<SCRIPT LANGUAGE=JAVASCRIPT>
if (top.location != self.location)top.location=self.location;
</SCRIPT>

<style type="text/css">
	body{		
		background:url(images/adminbg.gif) repeat-x #f46704; 
		margin:0px; padding:0px;
		}
	
	.bg{
		 width:100%; height:265px; margin:170px auto 0px
		}
	.bg1{
		background-image:url(images/login_bg.png); background-repeat:no-repeat; width:951px; height:265px; margin:0px auto;
		}
	.bady{
	    width:300px; height:102px; margin:118px 0px 10px 400px; _margin:108px 0px 10px 190px; float:left
		}
	.input{
		width:170px; height:24px; border:1px solid #666; background-color:#FFF; padding-left:5px; padding-right:5px; line-height:24px; font-size:18px; font-weight:bold
		}
	.bt{
		background:none;background-image:url(images/login.png); width:93px; height:95px; border:0px; cursor:pointer
		}
	.foot{
		float:left; margin-top:8px; margin-left:450px; _margin-left:225px; width:219px; height:18px; line-height:18px; text-align:center; background-image:url(images/bg3.gif); font-size:12px; font-family:"宋体"}
</style>

</head>

<body>

<form method="post">
<div class="bg">
	<div class="bg1">
    	<div class="bady"><table width="300" height="102" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td colspan="2" align="left" valign="middle">
        <input type="text" class="input" name="user" id="textfield" tabindex="1"/>
     </td>
    <td width="117" rowspan="3">
      <input type="submit" class="bt" name="button" id="button" value="" tabindex="4"/>
    </td>
  </tr>
  <tr align="left" valign="middle">
    <td colspan="2"><input type="password" class="input" name="password" id="textfield2" tabindex="2"/></td>
    </tr>
  <tr align="left" valign="middle">
    <td width="87"><input type="text" class="input" style="width:80px" name="code" id="textfield3" tabindex="3"/></td>
    <td width="96" align="left"> <img src="../includes/code/securimage_show.php?sid=<?php echo md5(time()) ?>" name="siimage" align="left" id="siimage" style="padding-left: 5px; border: 0;cursor:hand" onclick='this.src=this.src+"&"+Math.random();' alt="点击刷新验证码"/></td>
    </tr>
</table>

      </div>
      
    </div>
</div>




</form>
</body>
</html>
<?php
} else { //form is posted
	include("../common.inc.php");
	InitGP(array("user","password"),"P",1); //初始化变量全局返回
	include("code/securimage.php");
	$img = new Securimage();
	$valid = $img->check($_POST['code']);
	if($valid != true) {
  		showmsg("驗證碼錯誤","-1");
  		exit;
  	}
  	if (empty($user)||empty($password)) {
  		showmsg("帳號或密碼是空的","-1");
  		exit;
  	}
	$row = $db->fetch_first("Select * From {$tablepre}admin where user like '$user' ");
	if(is_array($row))
	{
		if(md5(md5($password)) != $row['password'])
		{
			showmsg("帳號或密碼錯誤","-1");
			exit;
		}else 
		{
			$adminauth=$row['aid']."\t".$user."\t".$row['password'];
			set_cookie('adminauth',cookie_authcode($adminauth,'ENCODE'),time()+3600*10);	//设置一个小时cookie有效期			
			addfield("admin","logincount","user='{$user}'",1);//更新登录次数
			editstate("admin","lastlogin","user='{$user}'",$timestamp);//更最后登录时间
			showmsg("登入成功！","index.php");	
		}
	
	}else showmsg("帳號不存在","-1");
  
	
}

?>